US9811827B2ActiveUtilityA1

System and method for providing transaction verification

79
Assignee: GOOGLE INCPriority: Feb 28, 2012Filed: Jan 25, 2013Granted: Nov 7, 2017
Est. expiryFeb 28, 2032(~5.6 yrs left)· nominal 20-yr term from priority
Inventors:Nayer Naguib
G06Q 20/3227G06Q 20/3825G06Q 20/401
79
PatentIndex Score
4
Cited by
77
References
17
Claims

Abstract

A transaction verification process performed by a transaction network operator in communication with a client computing device and a third party provider. A computing device may be equipped with an integrity verification module for verifying the system integrity of the computing device, and a cryptographic module for digitally signing transaction requests. The transaction network operator may verify that transaction requests processed by the third party provider are properly associated with a valid computing device by verifying signatures from the cryptographic module and the integrity verification module. In response to a request from the third party provider, the transaction network operator may verify that the computing device is authorized to complete the transaction by challenging the computing device for proper credentials. The transaction network operator may verify the credentials provided by the client device and indicate to the third party provider that the transaction is valid.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A computer-implemented method to provide secure online transactions, comprising:
 receiving, by a transaction network server, a set of transaction details from a service provider, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with the transaction network server; 
 communicating, by the transaction network server, a transaction verification message to the client device for digital signature by the client device, wherein receipt of the transaction verification message for digital signature causes a user of the client device to switch operation of the client device to a secure operating mode; 
 generating, by the client device, a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider; 
 communicating, by the client device, to the transaction network server the digital signature that verified the transaction; 
 receiving, by the transaction network server, the digital signature communicated from the client device; 
 verifying, by the transaction network server, the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and 
 instructing the service provider, by the transaction network server, that the secure transaction is approved in response to successful verification of the digital signature by the transaction network server. 
 
     
     
       2. The method of  claim 1 , further comprising presenting the transaction details to the client device for approval prior to verifying the digital signature. 
     
     
       3. The method of  claim 1 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature. 
     
     
       4. The method of  claim 3 , wherein the cryptographic signature is provided by a physical authentication device. 
     
     
       5. The method of  claim 1 , wherein the client device provides a user credential along with the digital signature. 
     
     
       6. The method of  claim 5 , wherein the user credential is a credit card number or a debit card number. 
     
     
       7. The method of  claim 1 , further comprising notifying a user associated with the client device via a communication channel that the secure transaction has been approved. 
     
     
       8. A non-transitory computer readable storage medium containing instructions that, when executed by a processor, cause the processor to execute a method comprising:
 receiving, from a service provider, a set of transaction details, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with a transaction network server; 
 communicating, to the client device, a transaction verification message for digital signature by the client device, wherein receipt of the transaction verification message for digital signature causes a user of the client device to switch operation of the client device to a secure operating mode; 
 generating, by the client device, a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider; 
 communicating, by the client device, to the transaction network server the digital signature that verified the transaction; 
 receiving, by the transaction network server, from the client device, the digital signature that verified the transaction; 
 verifying, by the transaction network server, the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and 
 instructing the service provider that the secure transaction is approved in response to successful verification of the digital signature by the transaction network server. 
 
     
     
       9. The computer readable storage medium of  claim 8 , further comprising presenting the transaction details to the client device for approval prior to verifying the digital signature. 
     
     
       10. The computer readable storage medium of  claim 8 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature. 
     
     
       11. The computer readable storage medium of  claim 10 , wherein the cryptographic signature is provided by a physical authentication device. 
     
     
       12. The computer readable storage medium of  claim 8 , wherein the client device provides a user credential along with the authorization signature, the user credential being issued by a transaction network operator in response to registration of the client device with the transaction network operator. 
     
     
       13. The method of  claim 12 , wherein the user credential is a credit card number or a debit card number. 
     
     
       14. The computer readable storage medium of  claim 8 , further comprising notifying a user associated with the client device via a communication channel that the secure transaction has been approved. 
     
     
       15. A system to provide secure online transactions, comprising:
 a storage device; and 
 a processor communicatively coupled to the storage device, wherein the processor executes application code instructions that are stored in the storage device to cause the system to: 
 receive a set of transaction details from a service provider, the transaction details comprising at least a user identifier and identifying a transaction initiated by a client device associated with the user identifier and registered with the transaction network server; 
 communicate a transaction verification message to the client device for digital signature by the client device, wherein receipt of the transaction verification message for digital signature a user of the client device to switch operation of the client device to a secure operating mode; 
 generate a digital signature that verifies the transaction, wherein the digital signature is generated by a cryptographic module on the client device only when the client device is operating in the secure operating mode, and wherein the digital signature is not provided to the service provider; 
 communicate to the transaction network server the digital signature verifying the transaction; 
 receive the digital signature communicated from the client device; 
 verify the digital signature used by the client device to verify the transaction by comparing the digital signature to a previously registered digital signature stored on the transaction network server and associated with the cryptographic module on the client device; and 
 instruct the service provider that the secure transaction is approved in response to successful verification of the digital signature. 
 
     
     
       16. The system of  claim 15 , wherein the digital signature comprises an integrity verification signature and a cryptographic signature. 
     
     
       17. The system of  claim 16 , wherein the cryptographic signature is provided by a physical authentication device.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.